When using windows to manage linux servers, SecureCRT, Xshell, and open-source putty are usually used. Most of my work environments use password authentication for logon. Today I learned some SecureCRT key logon methods. Compared with password authentication, using key authentication for Logon has the following advantages:
1. Public Key Authentication allows empty passwords, saving the trouble of entering a password for each login
2. When multiple users manage the server, they can log on to the same user using multiple public keys to avoid the risk of password leakage because password authentication is required by users. Changing the password with passwd does not affect the logon of other users.
3. Public Key Authentication for short passwords provides a convenient way for O & M automation.
Www.2cto.com
4. If you use the putty software, the password saving function is not supported for the moment. You must enter the corresponding password for each login, and key management allows you to easily log on, saving you the trouble of entering the password.
After learning about this advantage, this article will start the SecureCRT key Logon Setting Process.
1. Generate a key on SecureCRT.
Next step
There are two encryption methods: DSA and RSA, which are supported in OpenSSL. You can select either of them. Next Step
You can enter a password here (the password is required for Logon), or leave it blank.
This is the password length. The default value is 1024. Next Step
Creating a secret.
Note that the setting is in OpenSSH format.
2. Copy the public key to the server.
There are two files in the generated key, one public key file (Identity. pub) and the other private key (Identity ).
Copy the content in Identity. pub to a specific file on the Linux Server :~ /. Ssh/authroized_keys
"~" The main directory of the corresponding user. take root as an example.
If the. ssh directory does not exist, create it and write the public key information to the file:
<! -- [If! SupportLists] --> 1. <! -- [Endif] --> # mkdir ~ /. Ssh
<! -- [If! SupportLists] --> 2. <! -- [Endif] --> # chmod 700 ~ /. Ssh
<! -- [If! SupportLists] --> 3. <! -- [Endif] --> # vi ~ /. Ssh/authorized_keys
<! -- [If! SupportLists] --> 4. <! -- [Endif] --> # chmod 644 ~ /. Ssh/authorized_keys
Note: You must note that ~ /. The new ssh version must be 700 ,~ /. Ssh/authorized_keys must be set to 644. Otherwise, logon failures may occur.
3. log on to SecureCRT using a key
Based on the above configuration, the default configuration of the ssh server is that you can log on through the key. If you still cannot check the previous steps, and the options related to the ssh server configuration are adjusted as appropriate.
Configure SecureCRT to log on to the linux server with a key
Adjust the PublicKey authentication to the first. Click Properties next to it to set the storage address of the local key. You can directly connect to the linux service.
4. OpenSSH server configuration item description www.2cto.com
OpenSSH configuration is usually stored in:/etc/ssh/sshd_config
PermitRootLogin no # prohibit root User Login
StrictModes yes # Check whether the key user and permissions are correct.
Www.2cto.com
RSAAuthentication yes # enable RSA Authentication
AuthorizedKeysFile. ssh/authorized_keys # verify the storage path of the Public Key
PubkeyAuthentication yes # enable Public Key Authentication
PasswordAuthentication no # password authentication is disabled. It is enabled by default.